Auto-Update: 2023-06-10T10:00:23.912733+00:00

2025-07-11 16:13:34 +00:00 · 2023-06-10 10:00:27 +00:00 · 2023-06-10 10:00:27 +00:00 · c404ab4b56
commit c404ab4b56
parent 6e181ee073
3 changed files with 125 additions and 8 deletions
--- a/CVE-2023/CVE-2023-31xx/CVE-2023-3190.json
+++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3190.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-3190",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-06-10T09:15:09.343",
+  "lastModified": "2023-06-10T09:15:09.343",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-116"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/nilsteampassnet/teampass/commit/241dbd4159a5d63b55af426464d30dbb53925705",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/5562c4c4-0475-448f-a451-7c4666bc7180",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-31xx/CVE-2023-3191.json
+++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3191.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-3191",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-06-10T09:15:09.730",
+  "lastModified": "2023-06-10T09:15:09.730",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/nilsteampassnet/teampass/commit/241dbd4159a5d63b55af426464d30dbb53925705",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/19fed157-128d-4bfb-a30e-eadf748cbd1a",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-06-10T06:00:26.718359+00:00
+2023-06-10T10:00:23.912733+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-06-10T05:15:08.970000+00:00
+2023-06-10T09:15:09.730000+00:00
 ```

 ### Last Data Feed Release
@ -29,22 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-217392
+217394
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

-* [CVE-2023-26132](CVE-2023/CVE-2023-261xx/CVE-2023-26132.json) (`2023-06-10T05:15:08.970`)
+* [CVE-2023-3190](CVE-2023/CVE-2023-31xx/CVE-2023-3190.json) (`2023-06-10T09:15:09.343`)
+* [CVE-2023-3191](CVE-2023/CVE-2023-31xx/CVE-2023-3191.json) (`2023-06-10T09:15:09.730`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

-* [CVE-2022-47015](CVE-2022/CVE-2022-470xx/CVE-2022-47015.json) (`2023-06-10T04:15:10.223`)
-* [CVE-2023-3184](CVE-2023/CVE-2023-31xx/CVE-2023-3184.json) (`2023-06-10T04:15:10.330`)


 ## Download and Usage